Back
 JIS  Vol.7 No.3 , April 2016
Information Availability: An Insight into the Most Important Attribute of Information Security
Abstract: This paper presents an in-depth understanding of Availability, which is one of the important pillars of Information Security and yet is not taken too seriously while talking about the security of an information system. The paper highlights the importance of Availability w.r.t. Security of information and the other attributes of security and also gives a realistic shape to the existing CIA triad security model. An in-depth understanding of the various factors that can impact the Availability of an information system (Software, Hardware and Network) is given. The paper also gives a categorization of the type of Availability that a system can have. The paper also explains the relation between Availability and other security attributes and also explains through what issues an information system may go while providing Availability.
Cite this paper: Qadir, S. and Quadri, S. (2016) Information Availability: An Insight into the Most Important Attribute of Information Security. Journal of Information Security, 7, 185-194. doi: 10.4236/jis.2016.73014.
References

[1]   Guttman, B. and Roback, E. (1995) An Introduction to Computer security: The NIST Handbook. DIANE Publishing.
http://dx.doi.org/10.6028/NIST.SP.800-12

[2]   Whitman, M.E. (2003) Enemy at the Gate: Threats to Information Security. Communications of the ACM, 46, 91-95.
http://dx.doi.org/10.1145/859670.859675

[3]   Khazanchi, D. and Martin, A.P. (2008) Information Availability. Handbook of Research on Information Security and Assurance.
http://dx.doi.org/10.4018/978-1-59904-855-0.ch019

[4]   Information Security (2001) Wikipedia, the Free Encyclopaedia.
http://en.wikipedia.org/wiki/Information_security

[5]   Andress, J. (2014) The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice. Syngress.

[6]   Chivers, H. (2004) Security and Systems Engineering. Report-University of York Department of Computer Science Ycs.

[7]   Latham, D.C. (1986) Department of Defense Trusted Computer System Evaluation Criteria. Department of Defense.

[8]   DARPA (2008) Wikipedia, the Free Encyclopaedia.
http://en.wikipedia.org/wiki/DARPA

[9]   Gligor, V.D. (1986) On Denial-of-Service in Computer Networks. Proceedings of the 2nd International Conference on Data Engineering, Los Angeles, 5-7 February 1986, 608-617.
http://dx.doi.org/10.1109/icde.1986.7266268

[10]   Information Technology Security Evaluation Criteria (ITSEC), Provisional Harmonized Criteria (1991) Luxembourg: Office for Official Publications of the European Communities, 1991 ISBN 92-826-3004-8, Catalogue Number: CD-71-91-502-EN-C©ECSC-EEC-EAEC, Brussels• Luxembourg.

[11]   Trusted Network Interpretation of the TCSEC (“The Red Book”) (1987) US Department of Defence, NCSC-TG-005.
http://csrc.nist.gov/publications/secpubs/rainbow/tg005.txt

[12]   Millen, J.K. (1995) Denial of Service: A Perspective. In: Cristian, F., Le Lann, G. and Lunt, T., Eds., Dependable Computing for Critical Applications 4, Springer, Vienna, 93-108.
http://dx.doi.org/10.1007/978-3-7091-9396-9_10

[13]   National Information Systems Security (InfoSec) Glossary (2000) National Security Telecommunications and Information Systems Security Committee. National Security Agency US.

[14]   Pfleeger, C.P. (1997) Security in Computing. Second Edition, Prentice Hall, Upper Saddle River.

[15]   Parker, D.B. (1991) Restating the Foundation of Information Security. Computer Audit Update, 1991, 2-15.
http://dx.doi.org/10.1016/0960-2593(91)90013-Y

[16]   Needham, R.M. (1994) Denial of Service: An Example. Communications of the ACM, 37, 42-46.
http://dx.doi.org/10.1145/188280.188294

[17]   Jonsson, E. (1998) An Integrated Framework for Security and Dependability. Proceedings of the 1998 Workshop on New Security Paradigms, Charlottesville, 22-26 September 1998, 22-29.
http://dx.doi.org/10.1145/310889.310903

[18]   Haugsand, J. (2004) A Model of Information Availability.

[19]   Sarkar, S. (2013) Modeling and Measurement of Availability of IT Assets in Enterprise Information System. Doctoral Dissertation, Jadavpur University, Kolkata.

[20]   Brown, A., Johnston, S. and Kelly, K. (2002) Using Service-Oriented Architecture and Component-Based Development to Build Web Service Applications. Rational Software Corporation, 6.

[21]   Grechanik, M., Perry, D.E. and Batory, D. (2006) A Security Mechanism for Component-Based Systems. 5th International Conference on Commercial-off-the-Shelf (COTS)-Based Software Systems, Orlando, 13-16 February 2006, 10 p.

[22]   Sockstress (2014) Wikipedia, the Free Encyclopaedia.
https://en.wikipedia.org/w/index.php?title=Sockstress&oldid=592455393

[23]   Anstee, D., Escobar, J., Chui, C.F. and Sockrider, G. (2015) 10th Annual Worldwide Infrastructure Security Report. Arbor Networks Inc., Burlington.

[24]   Engelmann, C., Scott, S.L., Leangsuksun, C.B. and He, X.B. (2006) Symmetric Active/Active High Availability for High-Performance Computing System Services. Journal of Computers, 1, 43-54.
http://dx.doi.org/10.4304/jcp.1.8.43-54

[25]   Vargas, E. and Sun BluePrints (2000) High Availability Fundamentals. Sun BluePrints Series, Sun Microsystems, Inc., Palo Alto.

[26]   Resnick, R.I. (1996) A Modern Taxonomy of High Availability.

[27]   Engelmann, C. and Scott, S.L. (2005) Concepts for High Availability in Scientific High-End Computing. Proceedings of High Availability and Performance Workshop (HAPCW).

[28]   Tryfonas, T., Gritzalis, D. and Kokolakis, S. (2000) A Qualitative Approach to Information Availability. In: Qing, S. and Eloff, J.H.P., Eds., Information Security for Global Information Infrastructures, Springer US, New York, 37-47.
http://dx.doi.org/10.1007/978-0-387-35515-3_5

 
 
Top